Lucene search

CVE-2018-20685

🗓️ 10 Jan 2019 21:00:29Reported by mitreType

cve🔗 web.nvd.nist.gov📰️ 9 Media mentions👁 5032 Views

In OpenSSH 7.9, scp.c allows remote SSH servers to bypass intended access restrictions

Reporter	Title	Published	Views	Family All 139
Tenable Nessus	Linux Distros Unpatched Vulnerability : CVE-2018-20685	4 Mar 202500:00	–	nessus
Tenable Nessus	EulerOS 2.0 SP5 : openssh (EulerOS-SA-2019-1038)	15 Feb 201900:00	–	nessus
Tenable Nessus	EulerOS Virtualization for ARM 64 3.0.1.0 : openssh (EulerOS-SA-2019-1399)	14 May 201900:00	–	nessus
Tenable Nessus	Photon OS 3.0: Openssh PHSA-2019-3.0-0003	22 Jul 202400:00	–	nessus
Tenable Nessus	Fedora 29 : openssh (2019-f6ff819834)	16 Jan 201900:00	–	nessus
Tenable Nessus	Fedora 28 : openssh (2019-9eb0ae6296)	22 Jan 201900:00	–	nessus
Tenable Nessus	Solaris 10 (sparc) : 148104-29	16 Apr 201900:00	–	nessus
Tenable Nessus	F5 Networks BIG-IP : OpenSSH vulnerability (K11315080)	22 Sep 202200:00	–	nessus
Tenable Nessus	Photon OS 2.0: Openssh PHSA-2019-2.0-0139	22 Jul 202400:00	–	nessus
Tenable Nessus	EulerOS 2.0 SP3 : openssh (EulerOS-SA-2019-1097)	26 Mar 201900:00	–	nessus

Nvd

Node

openbsd opensshRange≤7.9

winscp winscpRange≤5.13

Node

netapp cloud_backupMatch-

netapp element_softwareMatch-

netapp ontap_select_deployMatch-

netapp steelstore_cloud_integrated_storageMatch-

netapp storage_automation_storeMatch-

Node

debian debian_linuxMatch8.0

debian debian_linuxMatch9.0

Node

canonical ubuntu_linuxMatch14.04lts

canonical ubuntu_linuxMatch16.04lts

canonical ubuntu_linuxMatch18.04lts

canonical ubuntu_linuxMatch18.10

Node

redhat enterprise_linuxMatch7.0

redhat enterprise_linuxMatch8.0

redhat enterprise_linux_eusMatch8.1

redhat enterprise_linux_eusMatch8.2

redhat enterprise_linux_eusMatch8.4

redhat enterprise_linux_eusMatch8.6

redhat enterprise_linux_server_ausMatch8.2

redhat enterprise_linux_server_ausMatch8.4

redhat enterprise_linux_server_ausMatch8.6

redhat enterprise_linux_server_tusMatch8.2

redhat enterprise_linux_server_tusMatch8.4

redhat enterprise_linux_server_tusMatch8.6

Node

oracle solarisMatch10

Node

fujitsu m10-1_firmwareRange<xcp2361

AND

fujitsu m10-1Match-

Node

fujitsu m10-4_firmwareRange<xcp2361

AND

fujitsu m10-4Match-

Node

fujitsu m10-4s_firmwareRange<xcp2361

AND

fujitsu m10-4sMatch-

Node

fujitsu m12-1_firmwareRange<xcp2361

AND

fujitsu m12-1Match-

Node

fujitsu m12-2_firmwareRange<xcp2361

AND

fujitsu m12-2Match-

Node

fujitsu m12-2s_firmwareRange<xcp2361

AND

fujitsu m12-2sMatch-

Node

fujitsu m10-1_firmwareRange<xcp3070

AND

fujitsu m10-1Match-

Node

fujitsu m10-4_firmwareRange<xcp3070

AND

fujitsu m10-4Match-

Node

fujitsu m10-4s_firmwareRange<xcp3070

AND

fujitsu m10-4sMatch-

Node

fujitsu m10-4s_firmwareRange<xcp3070

AND

fujitsu m10-4sMatch-

Node

fujitsu m12-1_firmwareRange<xcp3070

AND

fujitsu m12-1Match-

Node

fujitsu m12-2_firmwareRange<xcp3070

AND

fujitsu m12-2Match-

Node

fujitsu m12-2s_firmwareRange<xcp3070

AND

fujitsu m12-2sMatch-

Node

siemens scalance_x204rna_firmwareRange<3.2.7

AND

siemens scalance_x204rnaMatch-

Node

siemens scalance_x204rna_eec_firmwareRange<3.2.7

AND

siemens scalance_x204rna_eecMatch-

Source	Link
debian	www.debian.org/security/2019/dsa-4387
security	www.security.netapp.com/advisory/ntap-20190215-0001/
securityfocus	www.securityfocus.com/bid/106531
oracle	www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html
oracle	www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html
access	www.access.redhat.com/errata/RHSA-2019:3702
cvsweb	www.cvsweb.openbsd.org/cgi-bin/cvsweb/src/usr.bin/ssh/scp.c.diff
security	www.security.gentoo.org/glsa/201903-16
github	www.github.com/openssh/openssh-portable/commit/6010c0303a422a9c5fa8860c061bf7105eb7f8b2
usn	www.usn.ubuntu.com/3885-1/

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

10 Jan 2019 21:29Current

6.3Medium risk

Vulners AI Score6.3

CVSS22.6

CVSS35.3

EPSS0.03469